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DETAILED ACTION 

1. Claims 1-4, 6-22, 24-33, and 35-43 are presented for examination. 

Claim Rejections - 35 USC § 112 

2. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

3. Claims 1-4, 6-22, 24-33, and 35-43 are rejected under 35 U.S.C. 1 12, second paragraph, 
as being indefinite for failing to particularly point out and distinctly claim the subject matter 
which applicant regards as the invention. 

A. The claim language in the following claims is being considered as indefinite: 
I. As per claims 1, 1 1, 22 and 33, the claimed language are not clearly 

explain because the claimed limitation states "the at least one computer 
access setting comprising a listing of prohibited computer applications to 
which access is denied" [ i.e. application on this list is prohibiting from 
launch ], however, at the later part of the claim, another the claimed 
limitation is written as "when the requested computer application is not 
found in the another version of the computer access setting, then the 
control unit prohibits opening the window associated with the requested 
computer application, thus terminating the launch" [ i.e. application not on 
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this list is also prohibiting from launch ], as such, the claimed limitations 
are contradicting with one another. 

Claim Rejections - 35 USC §103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

5. Claims 1, 2, 4-8, 1 1-13, 15-19, 22-24, 26-30, 33-35, 37-41 are rejected under 35 U.S.C. 
103(a) as being unpatentable over Heard et al. [ US Patent Application No 2006/0242685 ], in 
view of Balogh et al. [ US Patent No 7,047,258 ], and further in view Kruglenko [ US Patent 
Application No 2003/0218287 ]. 

6. As per claim 1, Heard discloses the invention as claimed including a system for 
automatically updating of computer access settings [ i.e. automatically push the security policy to 
the mobile device ] [810, Figure 8; Abstract; and paragraphs 0027 and 0030 ], comprising: 

at least one computer access setting for a respective user of a computer [ i.e. policy data ] 
[ paragraphs 0054, 0055, Permission Policies and Rule Policies tables ], one version of the at 
least one computer access setting being stored in a remote database [ i.e. LDAP storage 
directory ] [ 108, Figure 1; and paragraphs 0029, 0033, 0044 and 0045 ] and another version of 
the at least one computer access setting being stored in the computer [ i.e. the policy data is 
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decrypted and stored in the rules engine store ] [612, Figure 6; and paragraph 0061, 0062 and 
0066 ]; 

a control unit to communicate with the computer [ i.e. gatekeeper ] [ 104, Figure 1; and 
paragraphs 0030 and 003 1 ] and to automatically update the versions of the at least one 
computer access settings in the computer and the remote database to coincide with each other 
responsive to at least one computer event [ i.e. updating policy information and distributing the 
updated policy information to the mobile device when synchronization ] [ 808, 810, Figure 8; 
paragraphs 0059, 0073, 0074; and claims 1 and 2 ]. 

Heard does not specifically disclose 

the at least one control access setting being stored in the remote database is updated to 
reflect changes made to the at least one control access setting being stored in the computer and 
vice versa; 

Balogh discloses 

the at least one control access setting being stored in the remote database is updated to 
reflect changes made to the at least one control access setting being stored in the computer and 
vice versa [ i.e. update the different of data in local and remote databases ] [ Figure 10A; col 11, 
lines 62-col 12, lines 15; and col 13, lines 27-38 ]; 

It would have been obvious to a person skill in the art at the time the invention was made 
to combine the teaching of Heard and Balogh because the teaching of updating data in Balogh 
would enable the same information to be maintained throughout the system to prevent system 
corruption. 

Heard and Balogh do not specifically disclose 



Application/Control Number: 10/740,743 Page 5 

Art Unit: 2454 

the at least one computer access setting comprising a listing of prohibited computer 
applications to which access is denied, 

the control unit monitoring a request to launch a computer application that would locally 
run on the computer's operating system, the control unit intercepting a message for opening a 
window associated with the requested computer application, the control unit intercepting the 
message before receipt thereof by the computer's internal operating system, the control unit 
querying the another version of the computer access settings for the requested computer 
application, and when the requested computer application is not found in the another version of 
the computer access setting, then the control unit prohibits opening the window associated with 
the requested computer application, thus terminating the launch of the requested computer 
application, as the user is not authorized to access the requested computer application. 

Kruglenko discloses 

the at least one computer access setting comprising a listing of prohibited computer 
applications to which access is denied [ i.e. a list of block keystroke, wherein it contains all 
system hotkeys that may result in starting an application ] [ Figure 5b; and paragraphs 0057 and 
0058 ], 

the control unit monitoring a request to launch a computer application that would locally 
run on the computer's operating system [ i.e. keystroke filter that monitors all keystrokes ] [ 
Figure 4; and paragraphs 0052 and 0053 ], the control unit intercepting a message for opening a 
window associated with the requested computer application, the control unit intercepting the 
message before receipt thereof by the computer's internal operating system [ i.e. keyboard hook 
mechanism where the message traffic is monitored in order to intercept and process certain 
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messages before they reach their target window procedure ] [ paragraphs 0055-0057 ], the 
control unit querying the another version of the computer access settings for the requested 
computer application [ i.e. the hook analyzes the message and if the keystroke is in a list of 
locked keystrokes ] [ Figure 5b; and paragraph 0057 ], and when the requested computer 
application is not found in the another version of the computer access setting, then the control 
unit prohibits opening the window associated with the requested computer application, thus 
terminating the launch of the requested computer application [ i.e. the hook stops the keystroke 
and prevents it from reaching any procedure ] [ paragraphs 0057 and 0058 ], as the user is not 
authorized to access the requested computer application [ i.e. prevents the user from reaching 
insecure programs or resources ] [ Figure 2; Abstract; and paragraphs 0040 and 0047 ]. 

It would have been obvious to a person skill in the art at the time the invention was made 
to combine the teaching of Heard, Balogh and Kruglenko because the teaching of Kruglenko 
access monitoring would enable to prevent unsophisticated users from accessing anything but 
predefined resources on the computer system [ Kruglenko, paragraph 0001 ]. 

7. As per claim 2, Heard discloses wherein the at least one computer event includes user 
log-in on the computer and the computer being connected to the Internet [ i.e. mobile device 
initiates data synchronization and gatekeeper authenticates mobile device ] [810, Figure 8; and 
paragraphs 0069, 0072 and 0073 ]. 
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8. As per claim 4, Heard discloses wherein the at least one computer event includes the start 
up of the computer and the computer being connected to the Internet [ i.e. re-authenticate after 
device has been turn off] [ Rule Policies table ]. 

9. As per claim 6, Heard discloses wherein the computer access settings contain an allow 
list of information that the respective user is authorized to access [ i.e. list of device that can be 
communicated with ] [ paragraph 0066 ]. 

10. As per claim 7, Heard discloses wherein the computer access settings contain a block list 
of information that the respective user is not authorized to access [ i.e. list of device that cannot 
be communicated with ] [ paragraph 0066 ]. 

11. As per claim 8, Heard discloses wherein the computer access settings specify if the 
respective user is authorized to access a particular computer application [ i.e. control application 
access and use ] [ Permission Policies table; and paragraphs 0032 and 0054 ]. 

12. As per claim 1 1 , it is rejected for similar reasons as stated above in claim 1 . Furthermore, 
Heard discloses means for modifying the first version of the computer access setting [ i.e. 
modifying security policy ] [ Figure 8; and paragraphs 0071, 0073 and 0074 ]. 

13. As per claim 12, Heard discloses wherein the second version of the computer access 
settings contain a history of user computer activity [ i.e. history mobile device user activity ] [ 
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paragraphs 0075 and 0076 ], the system further comprising means for transferring the second 
version of the computer access settings to the remote location so that the first version at the 
remote location is updated to include the history of user computer activity contained in the 
second version upon the at least one computer event [ i.e. the log file transfers to the server ] [ 
paragraphs 0058 and 0059 ]. 

14. As per claim 13, it is rejected for similar reasons as stated above in claim 2. 

15. As per claims 15-19, they are rejected for similar reasons as stated above in claims 4-8. 

16. As per claim 22, it is rejected for similar reasons as stated above in claim 1 1 . 

17. As per claim 24, it is rejected for similar reasons as stated above in claim 13. 

18. As per claims 26-30, they are rejected for similar reasons as stated above in claims 15-19. 

19. As per claim 33, it is rejected for similar reasons as stated above in claim 1 1 . 
Furthermore, Heard discloses querying a remotely located serer for a current time [ i.e. a time 
stamp from the server is used ]; preventing manipulation of a local clock setting by preferring the 
current time obtained from the remote server; comparing the current time to the time restrictions 

[ i.e. monitoring the mobile device clock to prevent time tampering ] [ paragraph 0059 ]. 
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20. As per claim 35, it is rejected for similar reasons as stated above in claim 13. 

21. As per claims 37-41, they are rejected for similar reasons as stated above in claims 15-19. 

22. Claims 3, 9, 10, 14, 20, 21, 25, 31, 32, 36, 42 and 43 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Heard et al. [ US Patent Application No 2006/0242685 ], in view of 
Balogh et al. [ US Patent No 7,047,258 ], and further in view of Kruglenko [ US Patent 
Application No 2003/0217287 ] and Dunn [ US Patent No 7,076,558 ]. 

23. As per claim 3, Heard, Balogh and Kruglenko do not specifically disclose wherein the at 
least one computer event includes user log-out on the computer and the computer being 
connected to the Internet. Dunn discloses wherein the at least one computer event includes user 
log-out on the computer and the computer being connected to the Internet [ i.e. disconnect ] [ col 
37, lines 4-11]. It would have been obvious to a person skill in the art at the time the invention 
was made to combine the teaching of Heard, Balogh, Kruglenko and Dunn because the teaching 
of Dunn would allow a web services user to control access to user-specific information stored in 
associated with a software service offered by a web-service provider [ Dunn, col 1, lines 6-10; 
and col 2, lines 10-21 ]. 



24. As per claim 9, Dunn discloses wherein the computer access settings specify if the 
respective user is authorized to access a particular web site [ col 39, lines 53-col 41, lines 54 ]. 
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25. As per claim 10, Dunn discloses wherein the computer access settings specify if the 
respective user is authorized to access a category of information that includes computer 
applications and web sites [ col 8, lines 52-61 ]. 

26. As per claim 14, it is rejected for similar reasons as stated above in claim 3. 

27. As per claim 20 and 21, they are rejected for similar reasons as stated above in claims 9 
and 10. 

28. As per claim 25, it is rejected for similar reasons as stated above in claim 14. 

29. As per claims 3 1 and 32, they are rejected for similar reasons as stated above in claims 20 
and 21. 

30. As per claim 36, it is rejected for similar reasons as stated above in claim 14. 

31. As per claims 42 and 43, they are rejected for similar reasons as stated above in claims 20 
and 21. 



32. Applicant's arguments with respect to claims 1-4, 6-22, 24-33, and 35-43 have been 
considered but are moot in view of the new ground(s) of rejection. 
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33. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Dustin Nguyen whose telephone number is (571) 272-3971. The 
examiner can normally be reached on flex. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nathan Flynn can be reached at (571) 272-1915. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

/Dustin Nguyen/ 

Primary Examiner, Art Unit 2154 



